Merge changes from topics "sap_lohs_toWifiConfig", "wpa3-enterprise-rvc-qpr-dev" into rvc-qpr-dev

                .build();

        assertNull(band_6g_config.toWifiConfiguration());

        SoftApConfiguration sae_transition_config = new SoftApConfiguration.Builder()

                .setPassphrase("secretsecret",

                        SoftApConfiguration.SECURITY_TYPE_WPA3_SAE_TRANSITION)

                .build();

        assertNull(sae_transition_config.toWifiConfiguration());

    }

    @Test

        assertThat(wifiConfig_2g5g.apBand).isEqualTo(WifiConfiguration.AP_BAND_ANY);

        assertThat(wifiConfig_2g5g.apChannel).isEqualTo(0);

        assertThat(wifiConfig_2g5g.hiddenSSID).isEqualTo(true);

        SoftApConfiguration softApConfig_sae_transition = new SoftApConfiguration.Builder()

                .setPassphrase("secretsecret",

                SoftApConfiguration.SECURITY_TYPE_WPA3_SAE_TRANSITION)

                .build();

        WifiConfiguration wifiConfig_sae_transition =

                softApConfig_sae_transition.toWifiConfiguration();

        assertThat(wifiConfig_sae_transition.getAuthType())

                .isEqualTo(WifiConfiguration.KeyMgmt.WPA2_PSK);

        assertThat(wifiConfig_sae_transition.preSharedKey).isEqualTo("secretsecret");

    }

}

import static org.junit.Assert.assertEquals;

import static org.junit.Assert.assertFalse;

import static org.junit.Assert.assertNotNull;

import static org.junit.Assert.assertNull;

import static org.junit.Assert.assertTrue;

import android.net.MacAddress;

import org.junit.Test;

import java.security.cert.X509Certificate;

/**

 * Unit tests for {@link android.net.wifi.WifiNetworkSpecifier}.

 */

    private static final String TEST_BSSID_OUI_MASK = "ff:ff:ff:00:00:00";

    private static final String TEST_BSSID = "12:12:12:12:12:12";

    private static final String TEST_PRESHARED_KEY = "\"Test123\"";

    private static final String TEST_DOMAIN_SUFFIX_MATCH = "domainSuffixMatch";

    /**

     * Validate correctness of WifiNetworkSpecifier object created by

                wifiNetworkSpecifier.wifiConfiguration.enterpriseConfig.getPhase2Method());

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3EapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_CERT0);

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        NetworkSpecifier specifier = new WifiNetworkSpecifier.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

                .build();

        assertTrue(specifier instanceof WifiNetworkSpecifier);

        WifiNetworkSpecifier wifiNetworkSpecifier = (WifiNetworkSpecifier) specifier;

        assertEquals("\"" + TEST_SSID + "\"", wifiNetworkSpecifier.wifiConfiguration.SSID);

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.IEEE8021X));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.WPA_EAP));

        assertFalse(wifiNetworkSpecifier.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.SUITE_B_192));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedGroupCiphers

                .get(WifiConfiguration.GroupCipher.CCMP));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.requirePmf);

        assertNull(wifiNetworkSpecifier.wifiConfiguration.preSharedKey);

        assertNotNull(wifiNetworkSpecifier.wifiConfiguration.enterpriseConfig);

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise 192-bit RSA SuiteB network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3SuiteBRsaEapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_SUITE_B_RSA3072_CERT);

        enterpriseConfig.setClientKeyEntryWithCertificateChain(FakeKeys.CLIENT_SUITE_B_RSA3072_KEY,

                new X509Certificate[] {FakeKeys.CLIENT_SUITE_B_RSA3072_CERT});

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        NetworkSpecifier specifier = new WifiNetworkSpecifier.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

                .build();

        assertTrue(specifier instanceof WifiNetworkSpecifier);

        WifiNetworkSpecifier wifiNetworkSpecifier = (WifiNetworkSpecifier) specifier;

        assertEquals("\"" + TEST_SSID + "\"", wifiNetworkSpecifier.wifiConfiguration.SSID);

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.SUITE_B_192));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedGroupCiphers

                .get(WifiConfiguration.GroupCipher.GCMP_256));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedGroupManagementCiphers

                .get(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.requirePmf);

        assertNull(wifiNetworkSpecifier.wifiConfiguration.preSharedKey);

        assertNotNull(wifiNetworkSpecifier.wifiConfiguration.enterpriseConfig);

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise 192-bit ECC SuiteB network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3SuiteBEccEapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_SUITE_B_ECDSA_CERT);

        enterpriseConfig.setClientKeyEntryWithCertificateChain(FakeKeys.CLIENT_SUITE_B_ECC_KEY,

                new X509Certificate[] {FakeKeys.CLIENT_SUITE_B_ECDSA_CERT});

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        NetworkSpecifier specifier = new WifiNetworkSpecifier.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

                .build();

        assertTrue(specifier instanceof WifiNetworkSpecifier);

        WifiNetworkSpecifier wifiNetworkSpecifier = (WifiNetworkSpecifier) specifier;

        assertEquals("\"" + TEST_SSID + "\"", wifiNetworkSpecifier.wifiConfiguration.SSID);

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.SUITE_B_192));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedGroupCiphers

                .get(WifiConfiguration.GroupCipher.GCMP_256));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.allowedGroupManagementCiphers

                .get(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256));

        assertTrue(wifiNetworkSpecifier.wifiConfiguration.requirePmf);

        assertNull(wifiNetworkSpecifier.wifiConfiguration.preSharedKey);

        assertNotNull(wifiNetworkSpecifier.wifiConfiguration.enterpriseConfig);

    }

    /**

     * Ensure {@link WifiNetworkSpecifier.Builder#setSsid(String)} throws an exception

import org.junit.Test;

import java.security.cert.X509Certificate;

/**

 * Unit tests for {@link android.net.wifi.WifiNetworkSuggestion}.

 */

        assertFalse(suggestion.isInitialAutoJoinEnabled);

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise network.

     * {@link WifiNetworkSuggestion.Builder#build()} for SuiteB network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3EapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setPhase2Method(WifiEnterpriseConfig.Phase2.GTC);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_CERT0);

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        WifiNetworkSuggestion suggestion = new WifiNetworkSuggestion.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

                .build();

        assertEquals("\"" + TEST_SSID + "\"", suggestion.wifiConfiguration.SSID);

        assertTrue(suggestion.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.IEEE8021X));

        assertTrue(suggestion.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.WPA_EAP));

        assertFalse(suggestion.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.SUITE_B_192));

        assertTrue(suggestion.wifiConfiguration.allowedGroupCiphers

                .get(WifiConfiguration.GroupCipher.CCMP));

        assertTrue(suggestion.wifiConfiguration.requirePmf);

        assertNull(suggestion.wifiConfiguration.preSharedKey);

        // allowedSuiteBCiphers are set according to the loaded certificate and cannot be tested

        // here.

        assertTrue(suggestion.isUserAllowedToManuallyConnect);

        assertTrue(suggestion.isInitialAutoJoinEnabled);

        assertNotNull(suggestion.getEnterpriseConfig());

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise 192-bit RSA SuiteB network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3SuiteBRsaEapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_SUITE_B_RSA3072_CERT);

        enterpriseConfig.setClientKeyEntryWithCertificateChain(FakeKeys.CLIENT_SUITE_B_RSA3072_KEY,

                new X509Certificate[] {FakeKeys.CLIENT_SUITE_B_RSA3072_CERT});

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        WifiNetworkSuggestion suggestion = new WifiNetworkSuggestion.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

                .build();

        assertEquals("\"" + TEST_SSID + "\"", suggestion.wifiConfiguration.SSID);

        assertTrue(suggestion.wifiConfiguration.allowedKeyManagement

                .get(WifiConfiguration.KeyMgmt.SUITE_B_192));

        assertTrue(suggestion.wifiConfiguration.allowedGroupCiphers

                .get(WifiConfiguration.GroupCipher.GCMP_256));

        assertTrue(suggestion.wifiConfiguration.allowedGroupManagementCiphers

                .get(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256));

        assertTrue(suggestion.wifiConfiguration.requirePmf);

        assertNull(suggestion.wifiConfiguration.preSharedKey);

        // allowedSuiteBCiphers are set according to the loaded certificate and cannot be tested

        // here.

        assertTrue(suggestion.isUserAllowedToManuallyConnect);

        assertTrue(suggestion.isInitialAutoJoinEnabled);

        assertNotNull(suggestion.getEnterpriseConfig());

    }

    /**

     * Validate correctness of WifiNetworkSuggestion object created by

     * {@link WifiNetworkSuggestion.Builder#build()} for WPA3-Enterprise 192-bit ECC SuiteB network.

     */

    @Test

    public void testWifiNetworkSuggestionBuilderForWpa3SuiteBEccEapNetwork() {

        WifiEnterpriseConfig enterpriseConfig = new WifiEnterpriseConfig();

        enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);

        enterpriseConfig.setCaCertificate(FakeKeys.CA_SUITE_B_ECDSA_CERT);

        enterpriseConfig.setClientKeyEntryWithCertificateChain(FakeKeys.CLIENT_SUITE_B_ECC_KEY,

                new X509Certificate[] {FakeKeys.CLIENT_SUITE_B_ECDSA_CERT});

        enterpriseConfig.setDomainSuffixMatch(TEST_DOMAIN_SUFFIX_MATCH);

        WifiNetworkSuggestion suggestion = new WifiNetworkSuggestion.Builder()

                .setSsid(TEST_SSID)

                .setWpa3EnterpriseConfig(enterpriseConfig)

import static org.junit.Assert.assertNotEquals;

import static org.junit.Assert.assertTrue;

import android.net.wifi.EAPConstants;

import android.net.wifi.FakeKeys;

import android.net.wifi.hotspot2.pps.Credential;

import android.net.wifi.hotspot2.pps.HomeSp;

import android.os.Parcel;

import org.junit.Test;

import java.nio.charset.StandardCharsets;

import java.security.MessageDigest;

import java.security.NoSuchAlgorithmException;

import java.security.PrivateKey;

import java.security.cert.CertificateEncodingException;

import java.security.cert.X509Certificate;

import java.util.Arrays;

import java.util.HashMap;

import java.util.Map;

    }

    /**

     * Verify that the unique identifier generated is the same for two instances with different

     * HomeSp node but same FQDN

     * Verify that the unique identifier generated is different for two instances with different

     * HomeSp node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdDifferentHomeSpSameFqdn() throws Exception {

    public void validateUniqueIdDifferentHomeSp() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        // Modify config2's RCOIs and friendly name to a different set of values

        // Modify config2's RCOIs to a different set of values

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        HomeSp homeSp = config2.getHomeSp();

        homeSp.setRoamingConsortiumOis(new long[] {0xaa, 0xbb});

        homeSp.setFriendlyName("Some other name");

        config2.setHomeSp(homeSp);

        assertEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Verify that the unique identifier generated is different for two instances with the same

     * HomeSp node but different FQDN

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdSameHomeSpDifferentFqdn() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        // Modify config2's FQDN to a different value

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        HomeSp homeSp = config2.getHomeSp();

        homeSp.setFqdn("fqdn2.com");

        config2.setHomeSp(homeSp);

        assertNotEquals(config1.getUniqueId(), config2.getUniqueId());

    /**

     * Verify that the unique identifier generated is different for two instances with different

     * SIM Credential node

     * Credential node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdDifferentSimCredential() throws Exception {

    public void validateUniqueIdDifferentCredential() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        // Modify config2's realm and SIM credential to a different set of values

        // Modify config2's RCOIs to a different set of values

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        Credential credential = config2.getCredential();

        credential.setRealm("realm2.example.com");

        assertNotEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Verify that the unique identifier generated is different for two instances with different

     * Realm in the Credential node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdDifferentRealm() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        // Modify config2's realm to a different set of values

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        Credential credential = config2.getCredential();

        credential.setRealm("realm2.example.com");

        config2.setCredential(credential);

        assertNotEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Verify that the unique identifier generated is the same for two instances with different

     * password and same username in the User Credential node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdSameUserInUserCredential() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        Credential credential = createCredentialWithUserCredential("user", "passwd");

        config1.setCredential(credential);

        // Modify config2's Passpowrd to a different set of values

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        credential = createCredentialWithUserCredential("user", "newpasswd");

        config2.setCredential(credential);

        assertEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Verify that the unique identifier generated is different for two instances with different

     * username in the User Credential node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdDifferentUserCredential() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        Credential credential = createCredentialWithUserCredential("user", "passwd");

        config1.setCredential(credential);

        // Modify config2's username to a different value

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        credential = createCredentialWithUserCredential("user2", "passwd");

        config2.setCredential(credential);

        assertNotEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Verify that the unique identifier generated is different for two instances with different

     * Cert Credential node

     *

     * @throws Exception

     */

    @Test

    public void validateUniqueIdDifferentCertCredential() throws Exception {

        PasspointConfiguration config1 = PasspointTestUtils.createConfig();

        Credential credential = createCredentialWithCertificateCredential(true, true);

        config1.setCredential(credential);

        // Modify config2's cert credential to a different set of values

        PasspointConfiguration config2 = PasspointTestUtils.createConfig();

        credential = createCredentialWithCertificateCredential(false, false);

        config2.setCredential(credential);

        assertNotEquals(config1.getUniqueId(), config2.getUniqueId());

    }

    /**

     * Helper function for generating certificate credential for testing.

     *

     * @return {@link Credential}

     */

    private static Credential createCredentialWithCertificateCredential(Boolean useCaCert0,

            Boolean useCert0)

            throws NoSuchAlgorithmException, CertificateEncodingException {

        Credential.CertificateCredential certCred = new Credential.CertificateCredential();

        certCred.setCertType("x509v3");

        if (useCert0) {

            certCred.setCertSha256Fingerprint(

                    MessageDigest.getInstance("SHA-256").digest(FakeKeys.CLIENT_CERT.getEncoded()));

        } else {

            certCred.setCertSha256Fingerprint(MessageDigest.getInstance("SHA-256")

                    .digest(FakeKeys.CLIENT_SUITE_B_RSA3072_CERT.getEncoded()));

        }

        return createCredential(null, certCred, null, new X509Certificate[] {FakeKeys.CLIENT_CERT},

                FakeKeys.RSA_KEY1, useCaCert0 ? FakeKeys.CA_CERT0 : FakeKeys.CA_CERT1);

    }

    /**

     * Helper function for generating user credential for testing.

     *

     * @return {@link Credential}

     */

    private static Credential createCredentialWithUserCredential(String username, String password) {

        Credential.UserCredential userCred = new Credential.UserCredential();

        userCred.setUsername(username);

        userCred.setPassword(password);

        userCred.setMachineManaged(true);

        userCred.setAbleToShare(true);

        userCred.setSoftTokenApp("TestApp");

        userCred.setEapType(EAPConstants.EAP_TTLS);

        userCred.setNonEapInnerMethod("MS-CHAP");

        return createCredential(userCred, null, null, null, null, FakeKeys.CA_CERT0);

    }

    /**

     * Helper function for generating Credential for testing.

     *

     * @param userCred Instance of UserCredential

     * @param certCred Instance of CertificateCredential

     * @param simCred Instance of SimCredential

     * @param clientCertificateChain Chain of client certificates

     * @param clientPrivateKey Client private key

     * @param caCerts CA certificates

     * @return {@link Credential}

     */

    private static Credential createCredential(Credential.UserCredential userCred,

            Credential.CertificateCredential certCred,

            Credential.SimCredential simCred,

            X509Certificate[] clientCertificateChain, PrivateKey clientPrivateKey,

            X509Certificate... caCerts) {

        Credential cred = new Credential();

        cred.setCreationTimeInMillis(123455L);

        cred.setExpirationTimeInMillis(2310093L);

        cred.setRealm("realm");

        cred.setCheckAaaServerCertStatus(true);

        cred.setUserCredential(userCred);

        cred.setCertCredential(certCred);

        cred.setSimCredential(simCred);

        if (caCerts != null && caCerts.length == 1) {

            cred.setCaCertificate(caCerts[0]);

        } else {

            cred.setCaCertificates(caCerts);

        }

        cred.setClientCertificateChain(clientCertificateChain);

        cred.setClientPrivateKey(clientPrivateKey);

        return cred;

    }

    /**

     * Verify that the unique identifier API generates an exception if HomeSP is not initialized.

     *